If you’re reading this, you may have spotted November’s test phishing email! This email was sent as part of the Secure UD “Take a BITE out of phish!” campaign, a University initiative to raise our community’s awareness about phishing attacks, their consequences, and how to avoid becoming a victim. As part of the campaign, random samples of employees will receive a harmless test phish (like this one).

Let’s see what makes this email so suspicious:

  1. Check the sender. If the “from” address is unfamiliar or not recognizable, take a few extra moments to examine the contents of the email message.
  2. Don’t let them scare you. Cybercriminals may use threats or a false sense of urgency to trick you into acting without thinking. If an email contains a false sense of urgency to do something immediately, like opening and reviewing this “resume”, something may be phishy.
  3. Check for poor spelling and grammar. Typically, official emails from organizations you trust will not be rife with spelling and grammar errors. If an email claims to come from a legitimate source but contains numerous errors, like missing punctuation, something may be phishy.
  4. Don’t open suspicious attachments or download suspicious files. Some phishing emails try to get you to open an attached file. These attachments often contain malware that will infect your device; if you open then, you could be giving hackers access to your data or control of your device. If you get an unexpected or suspicious attachment in an email, something may be phishy.

Always exercise caution; if you receive a suspicious request for your personal information, instructions to visit a suspicious website, or see a suspicious attachment, forward it to reportaphish@udel.edu.

And always, Think B4 You Click!